Overview

overview

7

Static

static

7

72e36e34a1...18.exe

windows7-x64

7

72e36e34a1...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ch.dll

windows7-x64

3

$PLUGINSDI...ch.dll

windows10-2004-x64

3

cwd.exe

windows7-x64

3

cwd.exe

windows10-2004-x64

3

htmlayout.dll

windows7-x64

7

htmlayout.dll

windows10-2004-x64

7

winzipninfo.html

windows7-x64

3

winzipninfo.html

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    26/07/2024, 06:16 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    winzipninfo.html

  • Size

    675B

  • MD5

    02029ab8b7bc28c3d09e00ba4f941f21

  • SHA1

    67da83f3b8aedc54bf22826a835fc60d23bdca06

  • SHA256

    2469883ccb911d349779bb99d032e72b849fa44cd82780cdbbc0deed41e9e896

  • SHA512

    7c04f50465465a01c059dc73957a131cf99fc8b907c54b2bd7d78cd6154083c5ada9579fbed33614f92d603ec8480579a0d3f05b8b2ee6c3ddc84c0f54df3c76

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\winzipninfo.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2740 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2704

Network

    No results found
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
     7.7kB
     9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
     7.7kB
     9
    12
No results found

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    625a4ea70941fa2258a3dcac63b7cbca

    SHA1

    74995b93166f08734a3060cd9c073560be97cd37

    SHA256

    b33379c2ea8aac2ccd13fe02d0f1f7ed6f07dafb8e4ab3781bfad91d70bf60b3

    SHA512

    444f580d356b5c1caf896a64fa211f18f687f82c423a47c88c37eb4d9253bba975291f90f9c2503e23e468aa449ad00dd60705da3179ab0323e1eb2232a64679

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    65277f1e987f569dc6596548984d40c0

    SHA1

    1f31cd7fe6513ef8bea97b66b9fbb882bdac0173

    SHA256

    37ab6348fef0ed78c1b0d45dd44df9e9748ae586faac08eff1a64c3630014278

    SHA512

    df505e8710bde396ae5e1cd0ef046932c986074f9542879961ce2cb15ad8a54fc7faa94532b3275e24b51183ce7abf0e4cc41bd93674ac9411a73a73348004b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    42853ef83e4be0eef1811065551e02f1

    SHA1

    676e871129e18b32cb50bac44cc1374b62023bcd

    SHA256

    a8fdfb89fb544666e8453e6cec9b57689071f24e60b369e57ae76fcb1ab5acfc

    SHA512

    6bc9ed1a3c58c881fe21b9f0ff7116496e1deaddee88c95a3511cbbd5c187337c8d2dfa5a3f6e85d5721646c0627587784b1a523f695ee02994f265115715ea6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94d2c938381dbc0dcb0ec075f57d699b

    SHA1

    5408c3733d946093d0f527af19b70ff75511f95d

    SHA256

    3eb88bbee0c083c3a2da5a316ca177610996c090936b936f56876300a2ae3965

    SHA512

    55846e07bd48d249181e7da2c07df8bf899e19639b96c2f6e17e1a5e3e5c53655f4573eed7ab04ab3e38799806f50134dad1d2b98bd5699fb1f22dcf5c62fc43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54fca69ef2511dd3ed0e645ba36aba80

    SHA1

    a578922184afca4335682586f3d1ba255fb701cf

    SHA256

    e6aa7e21dfe954448867cc51bfa184844a8eab12f880a8baa12a7760b6b5f583

    SHA512

    608a3e5781fd291e3259fb244c43ebb28a6c56942ca23034568cb3b20034b4654a993372fc00830c7bc4fef9ce8ad46c1adbe0c161b979cc4d2a87807ec05b74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    829fd406747dad243034bd775a45620d

    SHA1

    92a6a520087388a9359227aefd4510b35b4ef804

    SHA256

    a5313b082f339234e1518ce35af385dc8f201699fc46efa158325ce4300130da

    SHA512

    bfaba189f9fc0034910961be53d5f4f62741398b7cc24532a6a03fc74970deccc6391e937d65069dd4f2c1b55aab03f93f86362f32a31f48b3efd93f7c2be938

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c58e872d3b55b29b4ba27479ee65c28

    SHA1

    b1683fb881820c54a0da638b2651d380f340be99

    SHA256

    619452580ee17c8bc0bc17633cae9634075730e3967f21f61dc8d4e632627291

    SHA512

    1a2ae2e2c4ac3be8d80d07de75025e87ce8cb8f56d364732f73a372557524e986c9bbedb829b26adc95a68ba4e618952f69ca719fe7ff37b26b3106a8808ade3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a38258c4cd198f200375c19e297d7f5

    SHA1

    10b32f58dd27b044b068739ac8cd92e51eabef8f

    SHA256

    5e393d1bf3efec2706c3e9e50b157036367083e79e24fcdeaf91cfe77221290c

    SHA512

    5d092b51c28d630056bc6d7fc23bc7f97184da5556a92971ac8a62090ec74260fbbf6ad1b7f99f563a9fc4c4cbb7a813d7606aa701a624cb46f57ec64532ad38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99638d4c1d9ce72cc38bfce896e550a5

    SHA1

    3275fd52076457d298ceaf280e1e94bc2c8ca894

    SHA256

    64b333b97b82fec32410e0555f3cd09e1969a426ac4b291ee362712651637344

    SHA512

    9b6abe6a0474d85eda963316ea49c7dcfdb9ae1a5406149620123d4a7bb6bdf5133458812d55ba9125a4b8e225d72a5ac6eed4515ebfe0730f4af73e2fb6d02c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c9e5003b1eae2cb3905f17c685c99524

    SHA1

    4a5089532305780e4182698f5651ff2a35e63275

    SHA256

    a81d23de1ff3ebac744257851c847042ba3027444c89506fa6c7bda468941fd7

    SHA512

    f6344117cac4be4ab4f1c1543bf0b8ebd2852c27b7d73d725cdf07fcb13b50d8333f81451d38f69d9aff7eec545a36c02882c69f44e432c5790fdb9d7da78604

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f80d8fc0c433e942b64e2a59d896c8c7

    SHA1

    c5f0e66b6a85c0781d070d0e96872419ecfe5c51

    SHA256

    54f77ae88ffb89ff59c685ede433df0c875e31a08d11a6850feff71cf43a7028

    SHA512

    d6ed32c75bf52d0c5a6283c25bd64dc15bcad39f4ae4d6c960008d043431e5e8a53d8e2e0dafe5c7fda2ab7283163491d197ecc6d12d6f1cc64e455c9871d141

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    633e1cca5d0a9b665ebe296e38464ac4

    SHA1

    10ca63d5d1a8c30b722055e7a14261b0c1db93ec

    SHA256

    9472458233957c195b94cd3ace5a5cb814057301e2c0c171235760d3571ff213

    SHA512

    66d3d242c7ac443aab39f2570e91725c57f62eb3a192a0e64f28ac68ab0feb54a271a16e56e640e4a7b30119dc1d4ab552e1008ba05da34bbc243af940e7c6e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    886dce87693e6f13975f692c8c0c744a

    SHA1

    493e27acc84f78fb328d555ff73885c147f16711

    SHA256

    3f7d4719b98315a91fb6904503a3a574e503ca9aec703065571cb135c084a377

    SHA512

    04a18a225fefe9035701ed3eae2c5873ca7fe6f33842e38c1f705626f283df6f3b45da724ff5ccfbe7a060e0aba19746a190641a9355fa5b30aabfc41755be28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3fc6b676bb75944d8bf9ed807df0814

    SHA1

    eb92b94a80883c72a31e3f309820216034ba92d6

    SHA256

    ea090ef3c52ef4deac15aed723845db8f0e90dad825b1fbd74f59a4147121dee

    SHA512

    91ed706556b131e16499e326319b742a85ea62e2a5fe8ce8afc28a4789ce08aba2dc6f41a7baa00ec8502c94541c82dc711af6618631571db48ac7e0d37bbc5d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2bf54f1b0c762cc0b719fac4c3f966d

    SHA1

    559a54fb2990a49261515eaf42e6b7bf153be3f5

    SHA256

    ec83d279599859bc79c9c27f9f94095fb48dc36adee828ca23d4d0cd6679fdcc

    SHA512

    af49f53b017037dc233587f49c8820a98f851bb8a2aaf384cc4551722049e9a6973bb88cca11be483903570f67e2b27491bf79503a5d73f2cc73bc5c9cf4b44f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d089d36506dc78fd97a6aaf9e8bfaa54

    SHA1

    09889a937c2059b26b7f8ec0f098e1ba337b8d5d

    SHA256

    dc8b1c0f544ce4a4c172895870259d7f6cf61f8217bf3b7f2f01a4b8f915f5ed

    SHA512

    91f9aea788d81b569072e1ccd1d3fa248290ef6fe18a21be6c793d4c4a354bd0897b3993a651fa6dfd97b756462af145518a750a2a09e8143eda46f6477e6b08

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d7da8c9f032de34b917095ceb2de815

    SHA1

    103743b4687efb0de194db71e5656dcafb7d82ee

    SHA256

    c40983f550b02d7644c3b53d1648a98d409ce026f477a6813c5ae550c019e6a0

    SHA512

    3c0c53928c078d528dc76e391be62aa2a12020ac765acee34c151046541fdbd025a5e0678d5f67d87d55b2f3f40b20a79e6848df5d8a0c6c8ad312eef0655196

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    60075c9b40e90927aa2d653fe2ccb623

    SHA1

    5018ddea3ddca5cc111c4cb7e90ddce308ee4a20

    SHA256

    ce2e7e9c777eef5a901bd2da0f1e7dc34b11b920d27d51cd25b43f6dc4825908

    SHA512

    0efc4a6b96ec38cac7a37bcef8aaa52d8a7e65b08f75359ff8aa37d49b5ffae4112ccd07ef5be5d8398efe30ecd53daeffac7fe46d251fd19ee67cb8267398cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1A55.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1B06.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.